Law enforcement agencies around the globe have had a busy week, with Europol arresting five hackers allegedly involved in or linked to the REvil ransomware group. The US Department of Justice also announced the arrest of two foreign nationals—one Ukrainian and one Russian—for alleged involvement in the ransomware attack on Kaseya. Attorney General Garland said of the arrests, “ ‘Our message today is clear. The United States, together with our allies, will do everything in our power to identify the perpetrators of ransomware attacks, to bring them to justice, and to recover the funds they have stolen from their victims.’ ”
In what was reportedly the first financial crime field operation for Interpol, Irish police successfully took down a network of local threat actors operating on the global theater. Alas, the slew of arrests over the past several weeks hasn’t proven to be a deterrent for malicious actors. Threatpost reported that researchers have been tracking a Russian-language threat group dubbed Void Balaur, or Rockethack, that has been targeting thousands of high-profile victims from journalists to political leaders and activists.
Cybersecurity as national security continues to be a focus of the Biden administration. This week, the United States joined a global cybersecurity partnership. In an effort to expedite the implementation of its new Zero Trust Cybersecurity Model, the Pentagon will open a Zero Trust office in December.
Now, let’s take a look at other cybersecurity headlines you might have missed this week.
Nov. 12: The Sydney Morning Herald highlighted ethical hackers working to combat cybercrime.
Nov. 12: GovInfoSecurity reported, “A penetration testing company discovered a critical zero-day vulnerability in Palo Alto Networks’ GlobalProtect VPN product but did not inform the company until about 11 months later, which has triggered some criticism.”
Nov. 12: “Google’s Threat Analysis Group (TAG) has revealed that hackers targeting visitors to websites in Hong Kong were using a previously undisclosed, or zero-day, flaw in macOS to spy on people,” ZDNet reported.
Nov. 11: Europol issued the newest edition of its Internet Organised Crime Threat Assessment, which found that ransomware groups have increasingly targeted organizations, and scammers have leveraged the pandemic to defraud victims.
Nov. 11: The Cyber Range at the University of Texas San Antonio is providing cybersecurity training to local businesses, schools, and organizations.
Nov. 11: The Hill reported, “President Biden on Thursday signed into law bipartisan legislation to secure telecommunications systems against potential foreign threats, particularly from those linked to China.” Meanwhile, The Cybersecurity 202 reported, “The top Republican on the House Homeland Security Committee thinks the government needs to slow its roll when it comes to cybersecurity regulations.”
Nov. 10: Krebs on Security reported on a growing trend in bank fraud where scammers are using SMS text messages with fraud alerts in an attempt to get a response from unwitting victims.
Nov. 10: “Global law enforcers, governments and the tech industry came together last week to practice their response to the hypothetical viral spread of terrorist content online following a serious attack,” Infosecurity Magazine reported.
Nov. 9: Bleeping Computer reported that Microsoft issued a reminder to users of all Windows 10 editions that “version 2004 and Windows Server, version 2004 (also known as the Windows 10 May 2020 Update), will reach end of servicing on December 14, 2021.”Nov. 8: “Looking at more than 200 companies that attended international arms fairs in the past two decades, researchers found that 85% of companies likely selling interception or intrusion technologies marketed these capabilities to governments outside their home country — even when no intelligence relationship existed,” CyberScoop reported.